Story image

Employees cause security concerns

16 Jun 11

New Zealand businesses are concerned about security breaches coming from staff mistakes, a recent survey from Symantec shows.

Well-meaning insiders are rated by 52% of NZ businesses as a "somewhat significant" or "extremely significant" security threat, ahead of malicious insiders, hackers and targeted attacks.

The Symantec 2011 State of Security Study had asked 100 small and medium sized New Zealand companies to identify the most significant threats facing their organisation. The study showed an increased concern about security compared to last year.

Steve Martin, Symantec director, SMB, Pacific region, said it was his impression employees most often had good intentions, but could cause security breaches due to lack of knowledge.

The rise of social media in the business was seen as the main industry trend driving the corporate security challenges, followed by the use of personal consumer devices for business purposes.

"It is interesting to see companies being more concerned with threats from inside their organisation than from outside attacks," Martin commented today during his visit to New Zealand.

He says such internal security breaches often come in the shape of malicious code attacks or social engineering attacks.

Two-thirds of the companies asked had seen cyber attacks over the past 12 months.

"In my opinion, the 36% of respondents, who said they did not see any cyber attacks, probably didn’t look hard enough," says Martin.

To meet the changing security threats, Symantec suggests a fundamental change of attitude towards data security.

"We recommend that companies change their approach from focusing merely on device security to an information-centric approach, where they categorise their information, classify the important and sensitive information and then take steps to protect it," says Martin.